Method and apparatus for deep packet inspection for network intrusion detection
US8448234B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Feb 14, 2008 |
| Grant date | May 21, 2013 |
| Priority date | — |
| Expiry date | Jun 8, 2031 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/20
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
In a method of determining whether a data stream includes unauthorized data, the data stream is analyzed using a hardware filter to detect a presence of one or more of a first set of patterns in the data stream. It is determined whether a packet in the data stream belongs to one of a plurality of data flows to be further inspected based on the analysis of the data stream by the hardware filter. A set of rules is applied to the packet to produce rule match status data if it is determined that the packet belongs to one of the plurality of data flows to be further inspected. The packet is analyzed to determine if the packet includes unauthorized data using software stored on a computer-readable medium and implemented on a processor if the rule match status data indicates that the packet potentially includes unauthorized data.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.